I realize this is not exactly at the core of this forum, but I feel it will become important for the Drupal community:

I host Mac1.no, a fairly large site by Norwegian standards. One of their users has managed to create a widget that everyone seems to love. Unfortunately the user who wrote the code is a [self-censored] and created a widget that updates itself every 30 seconds, by reloading the entire page with graphics and everything. Now multiply that by a large number of users, and you have a disaster.

1) I think we may need a way to control the number of page views per IP address, say an average over 12 hours.
2) Does anyone know a way to distinguish Widgets / Dashboard from regular Safari users?

Comments

sepeck’s picture

Perhaps the troll module can provide a starting point for you.
http://drupal.org/node/18951

There is a Browscap (http://drupal.org/node/26569) module that logs user agents. I use it on my for curiosity. Perhaps you could code the troll module to block based on user agents detected.....

-sp
---------
Test site, always start with a test site.
Drupal Best Practices Guide -|- Black Mountain

-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide

MashsaM’s picture

Maybe you could just try to announce that to users, and ask them to stop using the widget, and the creator to stop distributing it.

It could save some hours of programming and at least some people would stop using it. ;)

All the Best,
Zeca

sym’s picture

I'm not sure about this, but I think you could use Apache's BrowserMatch directive (http://httpd.apache.org/docs/1.3/mod/mod_setenvif.html#browsermatch) to search for the user and block/reduce the downloads.

arkepp’s picture

As far as I know, there is no way to distinguish widgets from Safari users. I'd love to be wrong :)

harald.walker’s picture

Safari:
Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.12 (KHTML, like Gecko) Safari/416.13

Dashboard Widget:
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.12 (KHTML, like Gecko)"

With a .htaccess rule you could probably identify the widget visitors and redirect the request to a simple text message.

arkepp’s picture

Thanks, you are right.

Turns out that one of our widget-authors has a habit of faking completely as Safari, and I randomly ended up looking at his requests when I was trying to tell the difference.

This will rule out 98% or so of the widgets, and the malicious ones can cover themselves up anyway. Thanks :)

ps. the subject of this post appears to be "Right Turns", I only wrote "Right" and that's what shows up when I edit it as well.

ps.ps. Camino (and probably others) also uses a similar user agent string, so looking for only Safari is not enough.
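The user-agent difference quoted above, combined with a timing check for widgets that send a full Safari string, as an added example that is not part of the original thread. It is Python run over constructed access-log lines; the verdict names and the `period`, `tolerance` and `min_hits` thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# User-agent strings quoted in the thread above.
SAFARI = "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.12 (KHTML, like Gecko) Safari/416.13"
WIDGET = "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/416.12 (KHTML, like Gecko)"

# Constructed sample: Apache combined-format lines, documentation-range addresses.
TIMES = ["10:00:00", "10:00:30", "10:01:00", "10:01:30"]
ROWS = [("192.0.2.10", t, "/forum", WIDGET) for t in TIMES]      # honest widget
ROWS += [("192.0.2.20", t, "/forum", SAFARI) for t in TIMES]     # widget claiming to be Safari
ROWS += [("192.0.2.30", "10:00:05", "/forum", SAFARI),           # person browsing
         ("192.0.2.30", "10:02:41", "/node/12", SAFARI),
         ("192.0.2.30", "10:09:13", "/forum", SAFARI)]
SAMPLE_LOG = "\n".join(
    f'{ip} - - [12/Nov/2005:{t} +0100] "GET {path} HTTP/1.1" 200 48211 "-" "{ua}"'
    for ip, t, path, ua in ROWS)

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" \d+ \S+ "[^"]*" "([^"]*)"$')

def is_widget_ua(ua):
    """WebKit engine token present but no Safari/ product token."""
    return "AppleWebKit/" in ua and "Safari/" not in ua

def classify(log, period=30, tolerance=3, min_hits=4):
    """Return {ip: verdict}; period/tolerance/min_hits are assumed thresholds."""
    hits, verdict = defaultdict(list), {}
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of guessing
        ip, ts, path, ua = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        verdict.setdefault(ip, "browser")
        if is_widget_ua(ua):
            verdict[ip] = "widget-ua"
        hits[(ip, path)].append(when)
    for (ip, _path), times in hits.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        regular = len(times) >= min_hits and all(abs(g - period) <= tolerance for g in gaps)
        if regular and verdict[ip] == "browser":
            verdict[ip] = "periodic-reload"  # UA looks like Safari, timing does not
    return verdict

if __name__ == "__main__":
    for ip, v in sorted(classify(SAMPLE_LOG).items()):
        print(ip, v)
```

The timing check works per client and per path, so it flags a fixed-interval reloader even when the user-agent string is indistinguishable from Safari.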

harald.walker’s picture

Camino is a Gecko based browser like Mozilla and Firefox and will identify itself as one.

harald.walker’s picture

Did you analyse the widget? How is it working? Does it use an iframe or xmlhttprequest? Offer a similar (better) widget yourself, since there is obviously demand and interest.

arkepp’s picture

Problem is it makes no sense to offer a widget that automatically reloads more than once every 20 minutes or so (these people want every 30 seconds, live forum feed). If you have enough users, any server will be crushed under such a load.

kbahey’s picture

This amounts to a DDoS (Distributed Denial of Service) attack, although that is not the intention of the author for sure.

IP address blocking will not work since it comes from many users. User agent blocking will not work because it can be spoofed.

Try talking to the guy who wrote this and ask him to lengthen the time to minutes instead of seconds, and impose a long enough minimum.

Other avenues are:

- Check this development mailing list discussion of static caching. Some of the products discussed there may help.
--
Drupal development and customization: 2bits.com
Personal: Baheyeldin.com
